Showing 9 posts in Electronic Health Records.
HHS Office for Civil Rights Publishes Checklist for HIPAA Covered Entities Responding to Cybersecurity Incidents
The U.S. Department of Health and Human Service's Office for Civil Rights ("OCR") recently published guidance for entities covered by HIPAA, entitled "My entity just experienced a cyber-attack! What do we do now?" Read More ›
The Office of the National Coordinator for Health IT (ONC) released a report on January 29 that identifies optimal healthcare information exchange and implementation standards to enable a nationally interoperable health data information exchange system by 2017 (i.e. standards so that you can have your health records sent and read by all your doctors).
In healthcare, interoperability of IT systems allows providers to share data among different practitioners, insurers, billing and scheduling systems and health information exchanges. Interoperability has the potential to improve the quality of patient care by providing access to accurate, timely information in one location, save time previously used searching for information, and make critical medical information instantly available for clinical decisions.
Under the 2009 economic stimulus legislation’s electronic health records (EHR) incentive payment program, the ONC was directed to establish a governance mechanism for the nationwide health information network. Since that time, however, the ONC has been under increasing criticism about the lack of interoperability of EHRs despite the significant public investment. Read More ›
The Michigan Court of Appeals recently decertified a class action suit against Henry Ford Health System (HFHS) and its subcontractor, a medical transcription service, for inadvertently disclosing sensitive patient information online. On December 18, 2014, a unanimous three-judge panel reversed the trial court’s denial of summary judgment in favor of the defendants. The court held that an invasion of privacy claim requires an intentional act rather than mere negligence and that the plaintiff’s claims for negligence and breach of contract require proof of an actual injury.
The class consisted of 159 patients who visited HFHS between June 3, 2008 and July 18, 2008. The case arose when the defendant subcontractor made a configuration change to its server which left certain patient records unsecured. As a result, Google’s automated web server, “Googlebot,” indexed the information and made it available for users to search online. The information included each patient’s name, date of service, and diagnoses. The unnamed lead plaintiff alleged that her records revealed a sexually transmitted disease. Read More ›
Categories: Electronic Health Records, Privacy
Reduced reimbursements. A shift toward global payment. A demand for integration, quality of care and medical specializations. In order to compete amidst today’s healthcare market pressures, independent hospitals in Michigan and around the nation are increasingly deciding that they cannot go it alone. A recent Detroit News article reveals how this trend is playing out in Metro Detroit, with one of the region’s last two independent hospitals poised for acquisition.
Observers of Detroit’s healthcare environment are reportedly not surprised by the news that Crittenton Hospital Medical Center has signed a letter of intent to join St. Louis-based Ascension Health, the largest Catholic and nonprofit health system in the nation. With Monroe-based Mercy Memorial Hospital announcing on January 6 that it is joining the ProMedica health care company, the Crittenton deal will leave Doctors’ Hospital in Pontiac as the region’s last remaining independent hospital.
Laura Wotruba, spokeswoman for the Michigan Health and Hospital Association, said that this is not a Michigan issue, but rather a widespread pattern. “[It is] a national trend [and] something we’ve been seeing around the country.” Read More ›
"It's a war we're in." That's how John Halamka, the chief information officer of Boston-based Beth Israel Deaconess Medical Center, described the current state of affairs between the health care industry and the hackers and identity thieves who are trying to steal patient records.
A recent Boston Globe article detailed the threat and provided some interesting - and sobering - statistics and information:
- There is high demand for health records, and a single health record may be worth $50 according to the FBI
- Criminal intrusions into health care systems have risen 100 percent in the past four years
- Of 614 total identity theft breaches in 2013, 269 (43.8 percent) were in health care (the most of any industry)
- Despite being the subject of the most attacks, a recent study by BitSight Technologies found that health care providers are the slowest in any industry to respond to data breaches.
Hackers are motivated to target health records in order to facilitate identity theft, financial fraud and illegal drug use. The Boston Globe article, in particular, highlighted two recent incidents involving cyber-security breaches: (1) Chinese hackers seized the personal information of 4.5 million patients at a Tennessee-based hospital network, and (2) federal officials disclosed on September 4 that a hacker managed to install malicious software on HealthCare.gov. Read More ›
As hospitals and doctors across the country become more technologically sophisticated and use more and more medical devices that are connected to the Internet in some fashion, they are increasingly being attacked and compromised by sophisticated cyberattacks. Attacks on US hospitals’ medical data – which put patient records and personal information at risk – have more than doubled since 2010, according to a new study by the Ponemon Institute.
In its report, the Ponemon Institute states that 90 percent of health care institution respondents had at least one data breach in the last two years, while 38 percent had more than five data breaches during that same time period. While many of these breaches stemmed from lost or stolen computers, technical glitches, and third-party problems, several were due to criminal attacks. Read More ›
Final Rules Published in the Federal Register Extend Protections of Electronic Health Record Donations
On Dec. 27, 2013, final rules were published in the Federal Register by the Office of Inspector General and the Centers for Medicare & Medicaid Services. These rules amend regulations protecting certain arrangements involving the donation of electronic health records (EHR) software or information technology and training services related to such EHR software from the Anti-Kickback Statute and Stark law. The final rules are nearly identical to one another and make five primary changes to the EHR provisions: Read More ›
Categories: Electronic Health Records, Providers
The latest edition of the Foster Swift Health Care Law Newsletter has just been released. Topics include Electronic Health Records, Medicare Reimbursement for Resident Research and Hospital Community Needs Assessments. In order to whet your appetite, below is a brief summary of the articles: Read More ›
The Department of Health and Human Services ("DHHS") is moving forward with its HIPAA auditing program, which will launch in late 2011 or in 2012. After the audit protocols have been created, they will be field-tested through approximately 20 audits. Once the field tests are completed, up to 150 on-site audits will take place through the end of 2012. It is not clear which types of entities will be selected for audit. It is also not yet clear whether the DHHS Office for Civil Rights ("OCR") will audit only covered entities, or whether business associates will be audited as well. In addition, the OCR has not yet determined whether or how it will publish its audit results. Given the significance of being subject to a HIPAA audit, organizations should take this time to review their policies and procedures for HIPAA privacy and security compliance. Moreover, with the newness of electronic health record ("EHR") systems, those with EHR will especially want to make sure that these systems are compliant. Please contact me at 517.371.8231 or 906.226.5501 if you would like assistance with any review.
- Long Term Care
- Electronic Health Records
- Labor Relations
- Digital Assets
- Accountable Care Organizations
- News & Events
- Health Insurance Exchange
- Fraud & Abuse
- 6th Circuit Court of Appeals
- Employee Benefits
- Health Care Reform
- HITECH Act